Author: admin

Wireless security

When you're using wireless, youare sending data from your computer to an accesspoint through the internet to a server. The security of a data streamis only as good as the security of the weakestsegment. Often the weakest link is thewireless link from your computer to the access point. While your traffic is in transitbetween your …

How to fix unknown error – Security Software (Win XP)

Security software can cause unwanted conflictswith iTunes on a windows pc security software does not always recogniseitunes as a friendly application, and may block it from restoring or updating this article explains how to disable securitysoftware, even if you don't know what you have on your computer.

The first step is to click on the start menu,and choose run.

What we want to type in is msconfig, whichstands for microsoft configuration.

We need to change this first part to selectivestartup And then uncheck load startup items Next we want to move to the sevices tab And tick the box next to hide all microsoftservices Once that is ticked, you can click disableall And we will move onto the startup tab.

What we want to find in here is iTunes helper,and tick the box next to that one.

Once done, hit the apply button.

You may encounter a message saying an accessdenied error was returned.

If you encounter that message it is perfectly ok, just hitthe OK message and then ok again to get out of there.

now you can restart the computer Now that your computer has rebooted, you shouldsee this message.

Click ok.

Then have a look at the startuptab.

Some security software will prevent itselffrom being disabled.

As you can see from my example, zone alarmand norton security are both still running even after we've disabled them as a startupitem Once we've identified what is still running,we will need to delete those.

We can do this by clicking the start menu,and selecting control panel.

Inside the control pane we need to find theicon "add remove programs".

Now your view may actually look a little different thanmy control panel.

But regardless of which way it looks, it will still have that icon Once the program list loads, it will looksomething like this.

Select the security software that was notdisabled earlier, and click to uninstall.

Source: Youtube

How to fix unknown error – Security Software (Win 7)

Security software can cause unwanted conflictswith iTunes on a windows pc.

security software does not always recogniseitunes as a friendly application, and may block it from restoring or updating.

this video explains how to disable securitysoftware, even if you do not know what you have on your computer.

the first thing to do is click on the startmenu and in the search box at the bottom type in msconfig.

once the window comes up, we want to go toselective startup, and un-tick load startup items.

we'll then go across to the servicestab, hide all microsoft services, and then disable all.

we'll go across to the startuptab.

and we want to look for anything that represents itunes or apple and enable those.

once your done you can click apply and thenok.

and it should prompt you then to restart the computer.

now that the computer is restarted, we'regoing to go back down to the start menu and type in msconfig one more time.

once the windowcomes up we'll go across to the startup tab.

and we're going to look for anything thatwas unticked previously and has now re-ticked itself.

in my example it is kaspersky anti-virus once we've identified what we need to getrid of we'll go to the control panel.

It's probably simpler if you change the view fromsmall icons in the top right corner to category view, that way we can go down to uninstalla program and once a list of programs loads we'll findthe security software that had re-ticked itself as we just saw.

in my example that was kasperskyanti virus once we uninstall this software, you'll befree to use itunes without any risk of the security software blocking that connection simply follow the prompts provided to uninstallthe software and if you have any questions or queries regarding how to do that, referto the software's website.

Source: Youtube

Chrome Packaged Apps – Security Model

Hello! My name is Adam Barth and I work onthe Chrome team’s packaged apps effort.

I am here to talk to you about the securitymodel of packaged apps.

Packaged apps have access to features andservices that a normal web app would never have access to.

Users need to be confidentthat the apps they install will not behave in unexpected ways that endanger their system.

Chrome has a variety of defenses and protections that make it easier for you to create saferapps.

The first is process and storage isolation.

One of the foundations of the web security model is that a web app or site on one domainis not allowed to affect the data held in another.

This same principle is upheld forpackaged apps too.

 Even though an app is installed, actions inside it should not beable to directly affect data in another.

Each packaged app runs in its own process,so if something goes awry it will not directly affect apps running on the user’s system.

The data stored in each app is also sandboxed and isolated from other packaged applicationsinstalled on the user’s system.

This means that a file saved in the app will only bevisible to the app and the user that created it.

Secondly, Chrome makes use of a technology called Content Security Policy, commonly knownas CSP.

This technology helps protect users and developers from common cross-site scriptingattacks that can be found on the web.

 In fact CSP is enforced by default for everypackaged app.

Because packaged apps have access to evenmore features than a web app, CSP has disabled some features that you might expect as a developersuch as: Inline scripts like click handlers and <script>tags with code inside and ‘eval’ and the ‘new function’methods We know that sometimes you need to use thesefeatures so we’ve introduced a feature called “sandboxed pages”.

 These are pages inyour app that use all the features of the current web such as eval, new Function andinline script tags, but importantly have no direct access to advanced packaged app features.

The third protection in apps is the permissions model.

Apps can’t just use any feature theywant.

The user needs to have granted access to this feature.

 You can easily declareyour apps intent by configuring the permissions that you need in the manifest file.

For exampleyou can declare that your app needs access to the user’s video camera, or access toraw sockets.

Finally another security measure is the <browser>tag for web content.

Imagine you are building an RSS feed readerthat will show news articles in the app experience.

Adding web content directly is dangerous,as you have no control over what external authors are adding to their content.

Howeverthe user experience demands that you show the content.

The <browser> tag is like aniframe in that it will allow you to embed web content into your app from an externalresource but it is entirely isolated from your app.

This was just a quick overview of the security model for packaged apps.

To learn more on how to develop packaged apps visit developer.

Chrome.

Com/apps.

Source: Youtube

CrowdStrike Partners with Coverity to Ensure Software Security

Hi, my name is George Kurtz, Chief ExecutiveOfficer at CrowdStrike and one of the co-founders.

Formerly, I spent about seven years at McAfee,most recently as their Chief Technology Officer and before that I was the Chief ExecutiveOfficer at a company called, Foundstone, which I founded and I am one of the co-authors ofHacking Exposed.

So the security landscape has dramaticallychanged of the last ten years.

Where system administrators and companies used to havea very easy to manage website, maybe a simple database those times have changed dramatically.

Now we have a lot more complexity with cloud environments, we have complexity with dataand understanding where that data is at and ultimately the bad guys have gotten smarter.

And because they have gotten smarter and because their techniques have evolved dramaticallyfrom exploiting simple buffer overflows to a range of new techniques that are very hardto defend against, it's really imperative for organizations to start at the foundationallevel and understand if their code is actually secure before they deploy it.

As you might imagine, security is absolutely critical because CrowdStrike is in the securitybusiness.

We know that our software is going to be attacked and for us it was absolutelycritical to build security in from the ground up.

We needed to insure that we were releasingthe highest quality code without any security vulnerabilities, to insure our customer safetyand that is really one of the primary reasons why we decided to partner with Coverity sincethe beginning of the formation of the company.

One of our goals at CrowdStrike is to helpour customers identify and prevent damage from targeted attacks.

What we have seen attackersdo over the years is really run the same plays.

They'll spearfish, they'll exploit a commonvulnerability, they'll get into a system and they'll exfiltrate data.

And that entry pointinto the system almost all the time is based upon the exploitation of a vulnerability.

That vulnerability could have been caught a lot earlier in the development process ifcompanies embraced a technology like Coverity.

What was critical for CrowdStrike is to makesure we didn't disrupt our development process which is one of the reasons we chose Coveritybecause we could build it into our CrowdStrike secure development lifecycle.

So our developersnow get actionable information.

Most importantly it's accurate.

They know exactly what to fixand how to fix it and for us, time is money and we can get our code out that much faster.

One of the challenges I have seen over my career is that security auditor are alwaystrying to force feed a security product into the development lifecycle.

And the thing thatI love about Coverity is it actually provides a way to bridge the gap between developmentand security and really focuses the effort on building a product from the ground up thatis secure rather than coming in after the fact, after the requirement s have been made,after the products have been built and doing a static audit.

And what I have seen is thatit is about ten times more expensive to actually fix a security defect after the fact as opposedto when it was actually being built.

At CrowdStrike, I believe we have some ofthe best security engineers and programmers in the world and the last thing they wantto be doing is dealing with is dealing with false positives.

And one of the things thatwas really attractive to us was is a really low false positive rate from Coverity.

Sowe know when we see defect, it's probably going to be real and it's something we needto address immediately.

Which has really been a win-win and one of the reasons our developersactually use the product as opposed to putting it on the shelf.

Over the coming years, the security landscape is going to continue change.

The adversariesare going to get smarter, they are going to become more destructive and really it is incumbentsecurity professionals and developers to solve this really hard problem.

And I often seedevelopers left out the solution.

The reality is, if the developers are empowered with theright technology, they can eliminate security vulnerabilities from the beginning duringthe development phase which ultimately keeps all of our customers more secure.

Source: Youtube

Computer Security | Federal Trade Commission

Every day you hear aboutscammers, hackers, and thieves, trying to use theinternet to steal your money and your financialinformation.

The fact is you, me, we, canfoil many of their attempts.

Every day, we do things to makeit tough for bad guys to break into our homesand our cars.

We can make it tougher forthem to break into our computers too.

Here are some ways to foila hacker and protect your financial information.

Install security softwareon your computer.

Well-known companies offerplenty of free options.

Set the software to updateautomatically so it can deal with any new security threats.

While you're at it, set youroperating system and web browser to update automaticallytoo.

If you're not sure how, use theHelp function and search for automatic updates.

If you get a phone call, anemail, a text, or a pop-up that says your computer has avirus or malware, don't buy the story or the securitysoftware they're selling.

It could be a trick to get youto buy software that's worthless or even harmful.

Treat your financial informationlike cash.

It's a hot commodity.

If someone asks for yourfinancial information, say your social security, creditcard, or bank account number, ask why they need it and howthey're going to protect it.

If you think you've found agood deal online but you aren't familiar with thecompany, dig a little deeper.

A quick internet search withthe name of the company and the word review or complaintcan reveal a lot.

Always look for a physicaladdress and phone number too.

That way you know who to contactif there's a problem.

Don't provide your personal orfinancial information unless the website you'reon is secure.

If the URL doesn't start withhttps, don't enter your financial information.

That S stands for secure.

It means the information you'resending is encrypted and protected.

Make your passwords count.

They should be at least 10characters and a mix of numbers, letters, andspecial characters.

Don't use your name, birthdate, or common words.

Don't use the same passwordfor several accounts as tempting as that maybe.

If it's stolen, hackerscan use it to access your other accounts.

Keep your passwords in a secureplace, and don't share them with anyone.

Back up your computer files.

For example, copy importantfiles to an external hard drive on a regular basis.

That way if there's a problemwith your computer, you won't lose everything.

Life is online whether you liveit using a smartphone, a tablet, a laptop, or a desktop,it's a good time to make computer securitya habit.

Find out more atOnGuardOnline.

Gov, the federal government's site to helpyou be safe, secure, and responsible online.

Source: Youtube

VMware and Trend Micro: Security for the Software Defined Datacenter – Trend Micro

Hello, I'm Steve Kwan[sp].

And I'm here with Adim Nahid[sp] And we're excited to do another year of a great partnership between VMware and Trend Micro.

Over the last [xx] years our customer have been moving quickly to adopt cloud.

And security is top of mind for them and I think the relationship has really helped to [xx] [xx] that adoption, Trend Micro has been able to deliver a lot of the security capabilities from an end-point perspective and more within the context of the VMware environment.

Deep Security is a shield around our virtual [xx].

It does anti-malware, it does firewall, it does intrusion prevention log inspection.

It's very easy to deploy and manage.

Deep Security allows companies to scale at a very rapid rate.

Without Deep Security Virtual patching, we would not have been able to bring this project live.

Trying to have the in-depth knowledge of security in a virtual world, and in a the cloud that we needed.

Source: Youtube

Digital Security Software

SO, IF YOU AE THE PARENT OF A TEENAGER, YOUMIGHT WANT TO LISTEN UP.

I'M LISTENING BECAUSE I'VE GOT A PRE-TEEN.

MORE AND MORE TEENS ANDEVEN PRE-TEENS GO ONLINE AS WE KNOW.

THEY'RE USING THEIR CELL PHONES, THEIR LAPTOPS, THEIRTABLETS, MOMS AND DADS NEED TO BE EXTRA DILIGENT, 24/7 IN FACT TO KEEP THEM OUT OF DIGITAL HARMSWAY.

WITH US THIS MORNING TO DISCUSS HOW TO DO JUST THAT – HOW TO KEEP OUR CHILDREN SAFEIN AN ONLINE WORLD IS STACY CONNER, DIRECTOR OF WORLDWIDE RETAIL MARKETING FOR MCAFEE,HEY STACY, GOOD MORNING.

HI, GOOD MORNING DANIELLE.

TIMELY TOPIC, GIVEN THAT I DO HAVE A 12 YEAR-OLDIN MY HOUSE, RIGHT NOW, AND SO WHAT CAN YOU TELL US ABOUT KIDS ONLINE HABITS THAT WE ASPARENTS MIGHT NOT KNOW.

WELL, THE FIRST THING I WOULD SAY IS, THERE'SSOME GAPS, THERE'S SOME PRETTY BIG GAPS.

IT'S INTERESTING MCAFEE JUST DID A STUDY CALLEDTHE DIGTAL DECEPTION SURVEY, WHERE WE WENT OUT AND TALKED TO TWEENS AND TEENS ABOUT THEIRONLINE HABITS AND ABOUT THE DEVICES THAT THEY USE SUCH AS TABLETS AND SMART PHONES.

HERE'SWHAT WE LEARNED.

THE BIG THING? KIDS ARE ONLINE TWICE AS MUCH AS THE PARENTS THINK THEY ARE.

ALSO, THEIR TAKING MEASURES TO PUT VERY PERSONAL INFORMATION OUT ABOUT THEMSELVES ONLINE ANDALSO TAKING PROACTIVE MEASURES TO KEEP PARENTS IN THE DARK ABOUT WHAT THEY'RE DOING.

SO, THEIR BEING SLICK AND YRYING TO FOOL US IS WHAT YOU'RE SAYING (LAUGHS).

THAT'S A TEEN FOR YOU, RIGHT? UM, BUT THE OTHER THING THE MOST CONCERNINGTHING THAT I FOUND FROM THE STUDY WAS THE FACT THAT THESE TEENS AND TWEENS ALREADY AREHAVING NEGATIVE ONLINE EXPERIENCES IN THE FORM OF CYBER BULLYING OR OTHER CYBER THREATSAND THINGS LIKE THAT, AND YOU KNOW, ALL OF THIS DATA LED MCAFEE TO CREATE A NEW PRODUCTTHAT WE CALL MCAFEE LIVE SAFE.

I THINK I LOVE THAT BECAUSE ONE OF THE THINGSFOR ME AS A PARENT I WILL DO ANY AND EVERYTHING TO PROTECT MY CHILDREN IN THE PHYSICAL WORLD.

YES.

IT'S A LITTLE MORE DIFFICULT TO DO IN THECYBER WORLD, WHAT CAN WE DO TO PROTECT OUR FAMILY?WELL, I THINK TWO THINGS COME TO MIND, THE FIRST IS HAVE CONVERSATIONS WITH YOUR TWEENSAND TEENS, MAKE SURE YOU START THAT DIALOGUE AND AS A PARENT MAKE SURE THAT YOU'VE GOTTHAT AWARENESS AS FAR AS HOW YOUR TEENS ARE ENGAGING ONLINE AND WHAT TECHNOLOGIES THEY'REREALLY USING.

I ALSO LIKE TO REMIND PARENTS, THOUGH, THAT YOU HAVE TO HAVE SECURITY ONEVERY SINGLE DEVICE THAT THEY'RE GOING TO USE.

IF IT'S A TABLET, IF IT'S A SMART PHONE,WHETHER THEY'RE USING IT FOR FIVE MINUTES A DAY, OR FIVE HOURS A DAY, IT ABSOLUTELYHAS TO HAVE SUCURITY.

THE THING AS ADULTS THAT WE KNOW IS WE ALL HAVE GOT DIGITAL FOOTPRINTS,EVERY TIME WE PUT SOMETHING OUT OR PUT A POST ON FACEBOOK OR TWITTER OR ENGAGE WITH THEINTERNET IN ANY WAY, OUR DIGITAL FOOTPRINT GROWS.

BUT GUESS WHAT? OUR TWEENS AND TEENSARE ALSO STARTING THEIR DIGITAL FOOTPRINTS AND IT'S REALLY IMPORTNAT TO PROTECT THATFOOTPRINT FROM EARLY ON.

I THINK IT'S INTERESTING BECAUSE THEY DON'TKNOW WHAT WE KNOW ABOUT THAT DIGITAL FOOTPRINT, SO WE MAY BE MORE CAREFUL IN TERMS OF WHATWE PUT ONLINE THAT MAY BE TWEENAGERS AND TEENAGERS DO WHO DON'T KNOW.

SO, WHEN IT COMES TO SECURITYSOFTWARE, THEN WHAT FEATURES ARE MOST IMPORTANT? WELL, THE FIRST THING IS A SECURITY FEATURETHAT ALLOWS YOU TO PUT SECURITY ON EVERY DEVIE THATS IN YOUR HOUSEHOLD.

WE CALL THAT UNLIMITEDDEVICE COVERAGE.

WHEN YOU BRING A NEW DEVICE INTO YOUR HOME, YOU DON'T WANT TO HAVE TOWORRY ABOUT GOING OUT AND BUYING A NEW SOFTWARE SECURITY PACKAGE TO PUT ON IT, YOU JUST WANTA SECURITY PROGRAM THAT YOU CAN DEPLOY TO THAT DEVICE AS SOON AS YOU BRING IT IN THEHOME.

NOW, FOR OUR KIDS AND OUR TWEENS, ONE OF THE MOST IMPORTANT FEATURES THAT YOU CANHAVE IS SOMETHING CALLED PARENTAL CONTROLS.

OKAY.

THIS IS GOING TO ALLOW YOU TO TRACK INTERNET USAGE, MONITOR THE SITES THEY GO ON AND IT'SALSO GOING TO ALLOW THOSE TWEENS AND KIDS TO KNOW IF THEY'RE ABOUT TO GO TO A GOOD SITEOR MAYBE A NOT SO GOOD SITE.

FOR OUR TEEN SET, THE BIG THING IS A COUPLE OF THINGS;OUR TEENS ARE USING TABLETS AND SMART PHONES MORE AND MORE, AND GUESS WHAT? THEY GET LOST,THEY GET STOLEN.

UM HMM.

SO, HAVING A FEATURE THAT ENABLES YOU TO LOCATE, LOCK AND WIPE THE DEVICE, SHOULD IT BECOMELOST OR STOLEN, IS ABSOLUTELY CRITICAL.

SO STACY, IN ALL HONESTY, IS THERE A WAY THATWE AS PARENTS CAN KIND OF BE THAT SOFTWARE EXPERT AND TRULY PROTECT OURSELVES AND OURFAMILIES? THE ANSWER, DANIELLE, IS NO.

PARENTS DON'TNEED TO BE SOFTWARE EXPERTS, MCAFFEE IS THE SOFTWARE EXPERT.

LET US DELIVER THAT EXPERTISETO YOU, BUT IT IS ABSOLUTELY POSSIBLE FOR YOU TO PROTECT YOUR FAMILY WITH A GREAT PRODUCTWITH EASY TO USE FEATURES AND THAT'S MACAFEE LIVE SAFE.

JUST ABOUT TEN SECONDS LEFT, WHAT ARE THE MOST IMPORTANT THINGS THAT WE NEED TO REMEMBERWHEN IT COMES TO OUR KIDS ONLINE SAFETY? HAVE THE CONVERSATION AND BE AWARE ABOUT WHATYOUR TWEENS AND TEENS ANRE DOING ONLINE, HAVE SOME SECURITY ON EVERY SINGLE DEVICE THATTHEY MIGHT BE USING AND MAKE SURE THAT IT'S GOT THOSE CRITICAL FEATURES LIKE PARENTALCONTROLS AND AVAILABILITY TO LOCATE, LOCK AND WIPE, AND I JUST WANT TO POINT OUT THATOUR MCAFEE LIVE SAFE PRODUCT HAS ALL OF THAT.

AND YOU KNOW THEY'LL HATE US NOW BUT THEY'LLTHANK US LATER.

ABSOLUTELY.

I TELL MY KID THAT ALL THE TIME (LAUGHS).

THANK YOU SO MUCH STACY FOR COMING BY, GREATINFORMATION.

THANK YOU.

AND IF YOU'D LIKE TO PROTECT YOUR FAMILY VISIT THE FOLKS OVER AT MCAFEE BY GOING TO LIVESAFE.

COM,THAT'S LIVE, L-I-V-E SAFE DOT COM.

OH, AND DON'T FORGET TO VISIT US ON FACEBOOK, SHARENY OF YOUR INTERNET STORIES OR DIGITAL CONCERNS.

THATS FACEBOOKBALANCINGACTFANS.

Source: Youtube

Eagle Investment Systems: Ensuring Software Quality & Security with Coverity

Eagle Investment Systems is a financial servicestechnology firm.

Our objective is to help our customers to grow their assets efficiently.

We provide data management, accounting and performance solutions to a global client baseand as a result of being wholly owned by BN MELLON? we can offer a number of differentservices from either an on premise solution to a secure private cloud one to a full businessoutsourcing capability.

We wanted to take a holistic view of our SDLC,of our software development lifecycle.

We wanted to work with vendors that were industryexperts, best of breed technologists in their spaces.

Piece those together to really enhancea quality program around how we release software to the marketplace.

And we felt some of thecapabilities and checkers that Coverity provided gave us that.

Working with Coverity duringthat proof of concept, we were very, very impressed by the comprehensive and in-depthnumber of checkers that were available to us for our C++ code.

We were also really impressedby the access to some of the senior engineers that would work with us on a one on one basisto understand how the tool worked and how we can use it to drive our efficiency.

It was a tool built by developers, for developers.

So what that really meant was that we couldcontinue to maintain a good, healthy environment around development but at the same time ensurethat the developers were managing their own quality defects.

One of the things that wereally liked about the Coverity application was its alignment to the CWE, the Common WeaknessEnumeration library.

It helped us in terms of explaining the types of defects to notjust our engineering staff, but our services and support teams.

We have two implementation strategies for how we leverage Coverity.

The first is reallyensuring that there are no new defects in the application.

So as we're doing daily builds,our engineers are getting informed of defects or software coding flaws as early on in thecycle as possible.

The second piece is really around managing defect density and managingtechnical debt.

So if there's an error in our application where we feel we need to focusattention on, we shift resources into that area and drive down the defect density onthat particular subject.

Application security is a key discipline within a software developmentlifecycle, especially as we deliver our software through Eagle Access, our secure private cloud.

A recent extension of our use of Coverity has included checks on the C# code.

And whatthat allows us to do it help our engineers understand common vulnerabilities using theCWE libraries, as well as the OWASP libraries.

So Eagle's an Agile R&D shop.

A couple ofthings that we do and how plug Coverity into them is we build our software at least oncea day.

So what that means is as our engineers get Coverity defect feedback every morning,so whether it's the offshore guys or the onshore team, they're able to evaluate any flaws thatthey may have introduced into the previous day's development.

Quality is crucial to our business.

Our clients rely on our solutions every single day topower their investment decisions.

Really the ROI for us was being able to identify issuesearlier in the lifecycle.

It's fairly well known that the longer that a defect continuesdown that software development lifecycle and literally ends up into production, the morecostly it is for a firm.

What we wanted to do was identify as many of those issues aspossible, as early in the process as possible, so that we can continue to drive efficienciesand continue to deliver quality to our customers.

Source: Youtube

SolarWinds Security Software – Log & Event Manager

Hello, I'm Rob Johnson, Sales Engineer here at SolarWinds and today I'd like to introduce you to an important product in SolarWinds' security portfolio: SolarWinds Log & Event Manager or LEM.

Log & Event Manager is a Security Information & Event Management (or SIEM) product designed to make monitoring log data for security easy.

SIEM solutions, like LEM, are built on the principle that centralizing your log data, analyzing it in real-time, and providing you actionable intelligence is critical to keeping your business secure.

Core features of SIEM solutions include: Log & event data centralization, Event correlation historical analysis or search and reporting.

Log & Event Manager has these features and more.

The heart of any SIEM tool is data collection.

Collecting this data is the core of your ability to track, audit, and correlate critical security events.

LEM supports data collection from hundreds of different devices out-of-the-box.

These devices and logs generate messages that include things like authentication, network and security activity, system changes, and more.

Correlation is an important feature of true SIEM tools, and LEM provides real-time event correlation as your events are collected.

Correlation rules can be as simple as "any logon failure" to the more complex "alert on logon failures to my servers from remote desktop.

" Also, time and frequency correlations like "alert me when you see 5 logon failures from the same IP address to my servers from remote desktop" to multiple event correlations like "alert me when you see multiple logon failures followed by a successful logon from the same account.

" LEM also ships with hundreds of predefined correlation rules out-of-the-box to solve your most critical log & event monitoring needs quickly.

Beyond correlation, LEM has the ability to automate remediation steps with dozens of built-in active responses.

Within a correlation rule or manually from your LEM console, if you spot suspicious activity yourself , you can instantly perform actions like disabling a domain user account after repeat suspicious activity, removing a user from a privileged group like local admins, or blocking an attacking IP address.

LEM's visibility extends beyond servers and network devices into endpoint activity as well.

With USB-Defender, you can monitor systems for usage of USB mass storage devices, including what files and processes are being launched.

If you see something you don't like you can detach the USB device or build correlation rules to detach automatically based on what should be allowed.

If you need to extend your USB device policy to laptops that might be regularly disconnected or isolated, USB-Defender includes local policies that will be enforced as if they were.

Once you've started collecting log & event data, it's critical to have extended historical analysis, search, and reporting capabilities as well.

Troubleshoot or perform some basic forensic analysis with LEM's historical search functionality, which includes visual tools to help spot potential issues without combing through text of log records.

Report on historical data to create audit trails using our hundreds of pre-built report templates.

Last but not least, compliance initiatives all but spell out that a SIEM system is critical in establishing and maintaining compliance with requirements like PCI, HIPAA, Sarbanes-Oxley and others, not to mention countless internal audit requirements.

LEM includes content categorized specifically for compliance, making it easy to find various rules and reports applicable to a range of industries.

To learn more or to download a fully-functional 30-day trial of LEM, go to www.

Solarwinds.

Com.

Source: Youtube